On Fri, Oct 9, 2009 at 11:28 PM, steve-ALUG@hst.me.uk wrote:
James Taylor wrote:
The second thing is that security holes and requirements change over time. Older languages (pascal, fortran) never where really designed to do web scripts and talk to databases. They don't have the kind of functions which are useful (hrm, how DO you escape attempted sql injection in Fortran? ... maybe I'll try something on my new punch card writer!)
Er, COBOL perhaps? One of the first computer languages and designed to do database stuff!
As far as I'm aware, Cobol wasn't originally designed to "database" stuff - its just too old* (I'm talking pure original Cobol here). Programmers would have to develop their own file routines (however Cobol was one of the first languages to have the concept of "libraries" of other peoples code that you could call, so undoubtedly there would be database-type-libraries that could be added on.
Secondly, my point is about useful function - even if Cobol (originally) did have database specific functions, they would be very low in comparison to the sort of database functions that exist using things like Django and LINQ style interactions. Would it even have the concept of SQL Injection if in those days they had no user input? (again, a concept which has to be bolted onto the language at a later point).
I should point out that LINQ can be considered a bolt on - it didn't appear till .NET 3.5
JT